After unsuccessfully googling whether or not Win32/SoftonicDownloader.A is a virus or not, I decided to come here. The little I've found could indicate that it's a PUP but not necessarily a virus. This is software I've had for years, meaning the particular install file that ESET detected, and no antivirus before that ever classified it as a PUP. It's been 'clean' for years. However, since I recently lost a computer to a backdoor virus, I want to be extra careful, even to a paranoid extreme. This is a new computer, and I would like to bring CamStudio back in, but the above message is worrying me. Can someone please help?

Thanks, Marcos, but I can't find anything yellow notification area anywhere...can you direct me perhaps to what area I'm supposed to look for it in?

Oh, and while it might be fine for *you* guys to classify it as PUA, it is not for your customers; I am certain that I am not the only one who freaks out like I did when I saw the notice, having just lost a computer to a backdoor virus! Perhaps if you included more/different detail in the detection notice you could avoid possible heart attacks?

Detection of Potentially Unwanted Applications (PUA) or its cousin, the Potentially Unsafe Application category, is already handled differently than the detection of malicious software, such as computer viruses, worms, trojans, rootkits and other threats because these programs are not categorized as being malicious, per se, but because they perform actions which cannot be classified as malicious but instead fall into a categorization where their activity is potentially problematic in some fashion for the operator of the computer.

A PUA is not a malicious program in and of itself. It is a program which is potentially unwanted. If it were a threat, it would be categorized differently, and the computer operator would have a difference experience when a detection occurred,

When a PUA is detected, an orange-colored dialog is presented, with the word "potential" prominently displayed, and selectable actions include both ignoring the warning and/or excluding the downloaded file from further detection. That is quite different from the red-colored dialogs identify malicious software and offer to clean it, delete it, and so forth.

The PUA classification is, by definition, has to somewhat flexible: It could mean that the program changes the behavior of the computer in some fashion, such as changing the default home page and search engine choice in the web browser, or perhaps installing a toolbar in the web browser that tracks what sites are visited in order to help provide more relevant advertisements to the user's interests. I think ESET realizes that there are some customers who want such functionality from their computer, and choose to use software which enables this behavior.

On the other hand, there are also some ESET customers who feel (rightly or wrongly) that they should not be tracked, should not have every moment they are on the Internet monitored by marketing and analytics companies, not have every search result and clicked-on link aggregated, nor turned into a behavioral profile and monetized.

I guess you could say that these two approaches are, well, if not diametrically-opposed, at least at opposite ends of the privacy spectrum (for lack of a better term).

What ESET has done is take a middle-of-the-road approach: When ESET's software is first installed, the customer makes the choice of whether or not to enable detection for Potentially Unwanted Applications, not ESET, and that choice is not permanent, either: The customer can toggle it at any time after installation.

For more information, please see the following ESET Knowledgebase Articles